New Hampshire’s St. Mary’s Bank recently began notifying 115,775 customers that malware found on an employee’s computer may have captured sensitive information, including customer names, addresses, Social Security numbers, account information and transcaction records (h/t DataBreaches.net).
The malware, which was discovered on May 26, 2013, may have infected 23 computers at the bank beginning in February 2013.
While St. Mary’s found no evidence that any customer information was accessed, the bank is offering everyone who may have been affected a free one-year membership in Experian’s ProtectMyID Alert service, along with call center support for those potentially affected.
“We have received no reports of unusual activity in any of our member accounts related to this malware, but recommend that you carefully review your account statements for any sign of unauthorized activity and report it to us immediately,” St. Mary’s president and CEO Ronald H. Covey, Jr. wrote in the notification letter [PDF]. “In addition, even though we have found no evidence that any information sufficient to access an online account was acquired, we recommend that you change your online banking passwords as an additional precaution.”